.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:09:22.248674976Z | 47 | PC: 12a69 | Get disk transfer address |
| 2018-12-17T22:09:22.255259176Z | 26 | PC: 12a7b | Set disk transfer address |
| 2018-12-17T22:09:22.256262805Z | 44 | PC: 12a7f | Get time 0x12a7f: mov word ptr [si + 0x388], dx 0x12a83: mov ah, 0x4e 0x12a85: mov cx, 3 0x12a88: mov dx, 0x382 0x12a8b: add dx, si 0x12a8d: int 0x21 0x12a8f: jb 0x12a98 0x12a91: mov bx, 0x19c 0x12a94: add bx, si 0x12a96: jmp bx 0x12a98: cmp byte ptr [si + 0x2a3], 2 0x12a9d: je 0x12ab9 0x12a9f: mov byte ptr [si + 0x2a3], 2 0x12aa4: nop 0x12aa5: mov ah, 0x3d 0x12aa7: mov al, 2 0x12aa9: mov dx, 0x2a4 0x12aac: add dx, si 0x12aae: int 0x21 0x12ab0: jb 0x12ab9 |
| 2018-12-17T22:09:22.258401401Z | 78 | PC: 12a8f | Find first file |
| 2018-12-17T22:09:22.264676049Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.271962264Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.27654671Z | 61 | PC: 12b12 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:09:22.283591998Z | 63 | PC: 12b22 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:09:22.289954645Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:09:22.291522619Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:09:22.293134586Z | 64 | PC: 12b5e | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:09:22.296459586Z | 66 | PC: 12b6a | Move file pointer |
| 2018-12-17T22:09:22.297898349Z | 64 | PC: 12b76 | Write file or device (Write 714 bytes on handle 5) |
| 2018-12-17T22:09:22.312668097Z | 62 | PC: 12b7a | Close file |
| 2018-12-17T22:09:22.321629544Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.331255911Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.334031167Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.34021556Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.344838351Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.354129339Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.357793786Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.368350044Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.377899255Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.389038281Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.39189395Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.397595285Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.409322381Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.419054083Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.421646438Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.427308391Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.43691439Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.450122937Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.453007057Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.459050257Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.464123538Z | 61 | PC: 12b12 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:09:22.471405459Z | 63 | PC: 12b22 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:09:22.477951973Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:09:22.479359047Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:09:22.480700264Z | 64 | PC: 12b5e | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:09:22.483944448Z | 66 | PC: 12b6a | Move file pointer |
| 2018-12-17T22:09:22.485356712Z | 64 | PC: 12b76 | Write file or device (Write 714 bytes on handle 5) |
| 2018-12-17T22:09:22.493950192Z | 62 | PC: 12b7a | Close file |
| 2018-12-17T22:09:22.502838944Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.515859375Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.518421682Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.524676752Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.530200668Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.539965721Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.543774071Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.549200024Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.558824526Z | 61 | PC: 12b12 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:09:22.571461751Z | 63 | PC: 12b22 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:09:22.579851758Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.590105546Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.593724022Z | 61 | PC: 12ab0 | Open file (Filename = 'c:\command.com') |
| 2018-12-17T22:09:22.600810165Z | 67 | PC: 12ae6 | Get or set file attributes |
| 2018-12-17T22:09:22.606729429Z | 67 | PC: 12af7 | Get or set file attributes |
| 2018-12-17T22:09:22.612363244Z | 61 | PC: 12b12 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:09:22.619626783Z | 63 | PC: 12b22 | Read file or device (Read 4 bytes on handle 7) |
| 2018-12-17T22:09:22.622625237Z | 67 | PC: 12b88 | Get or set file attributes |
| 2018-12-17T22:09:22.635310869Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T22:09:22.638321356Z | 9 | PC: 12ba1 | Display string (String= ' Este fichero ha sido infectado por el TSC virus. Usas mucho el ordenador, no si dejar que sigas con el. Voy a pensarlo un momento. ') |
| 2018-12-17T22:09:25.364843509Z | 9 | PC: 12bda | Display string (String= ' Lo siento, he decidido que no. ') |